[SEC] Fix PFCP Message Length Validation in ogs_pfcp_recvfrom (#3689)

This commit modifies the message length check in ogs_pfcp_recvfrom.
Previously, the condition only verified that the received size was less than
the expected length, which could allow messages that are too long to be
processed.

The condition now requires an exact match between the received
size and the expected total PFCP message length, ensuring proper message
validation.

This commit is contained in:
Sukchan Lee
2025-02-02 11:25:14 +09:00
parent 32cf4daf3a
commit 350bc271fa

@@ -111,8 +111,8 @@ ogs_pkbuf_t *ogs_pfcp_recvfrom(ogs_socket_t fd, ogs_sockaddr_t *from)
excluding the first 4 bytes. */
pfcp_body_length = be16toh(h->length);
expected_total_length = pfcp_body_length + 4;
if ((size_t)size < expected_total_length) {
ogs_error("Incomplete PFCP message: expected %zu bytes, "
if ((size_t)size != expected_total_length) {
ogs_error("Invalid PFCP Header Length: expected %zu bytes, "
"received %ld bytes", expected_total_length, size);
ogs_pkbuf_free(pkbuf);
return NULL;
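
Review bot: The ogs_error call under the `(size_t)size != expected_total_length` check still prints `size` with `%ld` while the comparison treats it as a value that needs a `(size_t)` cast; if `size` is an `ssize_t`, `%zd` is the matching specifier, and `%ld` is only correct where `long` has the same width. The single "Invalid PFCP Header Length" message now covers two different conditions, a datagram shorter than the header claims and one carrying bytes past the declared length; stating which side of the comparison failed (or logging the two cases separately) would let an operator tell a truncated packet from one with trailing data when triaging rejected traffic. The cast also assumes `size` is non-negative and that at least the 4 header bytes were received before `h->length` is read, which this hunk does not show, so it is worth confirming that check sits above line 111. A short comment next to the condition saying that exact equality is intentional would keep a later change from relaxing it back to `<`.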